From d4eae9fd3946d0747a555710f52099221586d538 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 21 Sep 2009 11:46:32 -0400
Subject: [PATCH] Fixed: FS#875 - SRV Records need validation

---
 server/lib/classes/db_mysql.inc.php |   75 +++++++++++++++++++++----------------
 1 files changed, 42 insertions(+), 33 deletions(-)

diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php
index 0270821..986aa81 100644
--- a/server/lib/classes/db_mysql.inc.php
+++ b/server/lib/classes/db_mysql.inc.php
@@ -29,20 +29,19 @@
 
 	class db
 	{
-		var $dbHost = "";		  // hostname of the MySQL server
-		var $dbName = "";		  // logical database name on that server
-		var $dbUser = "";		  // database authorized user
-		var $dbPass = "";		  // user's password
-		var $dbCharset = "";      // what charset comes and goes to mysql: utf8 / latin1
-		var $linkId = 0;		  // last result of mysql_connect()
-		var $queryId = 0;		  // last result of mysql_query()
-		var $record	= array();	  // last record fetched
-        var $autoCommit = 1;      // Autocommit Transactions
-		var $currentRow;		  // current row number
-		var $errorNumber = 0;	  // last error number
-		var $errorMessage = "";	  // last error message
-		var $errorLocation = "";  // last error location
-		var $show_error_messages = false;
+		var $dbHost = "";		// hostname of the MySQL server
+		var $dbName = "";		// logical database name on that server
+		var $dbUser = "";		// database authorized user
+		var $dbPass = "";		// user's password
+		var $linkId = 0;		// last result of mysql_connect()
+		var $queryId = 0;		// last result of mysql_query()
+		var $record	= array();	// last record fetched
+        var $autoCommit = 1;    // Autocommit Transactions
+		var $currentRow;		// current row number
+		var $errorNumber = 0;	// last error number
+		var $errorMessage = "";	// last error message
+		var $errorLocation = "";// last error location
+		var $show_error_messages = true;
 
 		// constructor
 		function db()
@@ -53,20 +52,21 @@
 			$this->dbName = $conf["db_database"];
 			$this->dbUser = $conf["db_user"];
 			$this->dbPass = $conf["db_password"];
-			$this->dbCharset = $conf["db_charset"];
 			//$this->connect();
 		}
 
 		// error handler
 		function updateError($location)
 		{
-			$this->errorNumber = mysql_errno();
-			$this->errorMessage = mysql_error();
+			global $app;
+			$this->errorNumber = mysql_errno($this->linkId);
+			$this->errorMessage = mysql_error($this->linkId);
 			$this->errorLocation = $location;
-			if($this->errorNumber && $this->show_error_messages)
+			if($this->errorNumber && $this->show_error_messages && method_exists($app,'log'))
 			{
-				echo('<br /><b>'.$this->errorLocation.'</b><br />'.$this->errorMessage);
-				flush();
+				// echo('<br /><b>'.$this->errorLocation.'</b><br />'.$this->errorMessage);
+				$app->log($this->errorLocation." ".$this->errorMessage,LOGLEVEL_WARN);
+				//flush();
 			}
 		}
 
@@ -77,10 +77,9 @@
 				$this->linkId = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass);
 				if(!$this->linkId)
 				{
-					$this->updateError('DB::connect()<br />mysql_connect');
+					$this->updateError('DB::connect()-> mysql_connect');
 					return false;
 				}
-    			$this->queryId = @mysql_query('SET NAMES '.$this->dbCharset, $this->linkId);
 			}
 			return true;
 		}
@@ -93,11 +92,11 @@
 			}
 			if(!mysql_select_db($this->dbName, $this->linkId))
 			{
-				$this->updateError('DB::connect()<br />mysql_select_db');
+				$this->updateError('DB::connect()-> mysql_select_db');
 				return false;
 			}
 			$this->queryId = @mysql_query($queryString, $this->linkId);
-			$this->updateError('DB::query('.$queryString.')<br />mysql_query');
+			$this->updateError('DB::query('.$queryString.') -> mysql_query');
 			if(!$this->queryId)
 			{
 				return false;
@@ -135,7 +134,7 @@
 		function nextRecord()
 		{
             $this->record = mysql_fetch_assoc($this->queryId);
-			$this->updateError('DB::nextRecord()<br />mysql_fetch_array');
+			$this->updateError('DB::nextRecord()-> mysql_fetch_array');
 			if(!$this->record || !is_array($this->record))
 			{
 				return false;
@@ -171,7 +170,7 @@
 				return addslashes($formfield);
 			}
 			
-			return mysql_real_escape_string($formfield);
+			return mysql_real_escape_string($formfield, $this->linkId);
         }
 		
 		// Check der variablen
@@ -226,14 +225,24 @@
            }
        }
        
-       function closeConn() {
+       public function closeConn()
+    	{
+    		if($this->linkId)
+    		{
+    			mysql_close($this->linkId);
+    			return true;
+    		} else { return false; }
+    	}
        
-       }
-       
-       function freeResult() {
-       
-       
-       }
+    	public function freeResult($query) 
+    	{
+    		if(mysql_free_result($query))
+    		{
+    			return true;
+    		} else {
+    			return false;
+    		}
+    	}
        
        function delete() {
        

--
Gitblit v1.9.1